CVE-2008-1154

The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors.

Severity	HIGH
CVSS	10.0
CWE	CWE-287
KEV
Published	18 years ago
Modified	3 weeks ago

Related Products

Product	Advisory	Evidence
Cisco Unified Presence Server	cisco-sa-20080403-drf	Cisco OpenVuln
Cisco Unified MobilityManager	cisco-sa-20080403-drf	Cisco OpenVuln
Cisco Unified Communications Manager	cisco-sa-20080403-drf	Cisco OpenVuln
Cisco Emergency Responder	cisco-sa-20080403-drf	Cisco OpenVuln